Lesson 05 Connecting to RHEL

Server
Created @December 8, 2021 10:24 PM

Class

Type

Materials

Reviewed

Last Update @December 9, 2021 4:40 PM

5.1 Root User
5.2 Logging in to the GUI
5.3 Logging in to the Console
5.4 Virtual Terminal
5.5 Switching Between Virtual Terminal
5.6 su -
5.7 sudo
5.8 ssh to Login Remotely
Remember cockpit

5.1 Root User

Lesson 05 Connecting to RHEL Server 1

 5.2 Logging in to the GUI

5.3 Logging in to the Console

Connect to the server from your virtualization interface.

5.4 Virtual Terminal

Lesson 05 Connecting to RHEL Server 2

 5.5 Switching Between Virtual Terminal
chvt : Change Virtual terminal

chvt 1
chvt 2
chvt 3
chvt 4
chvt 5
chvt 6

tty1 - tty6 are available for login

GUI is tty1

chvt : to switch between virtual terminals

or use [ctrl]+Alt+Fn

chvt 1 (GUI)

Lesson 05 Connecting to RHEL Server 3

 chvt 2

chvt 3

chvt 4

chvt 5

chvt 6

# chvt 6
// login from the tty6
# w
09:38:40 up 6:28, 5 users, load average: 0.14, 0.04, 0.01
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
student pts/0 192.168.1.4 06:15 0.00s 0.21s 0.09s sshd: student [priv]
student pts/1 192.168.1.7 08:42 0.00s 0.07s 0.03s ssh -Y student@192.16
8.1.7
root web cons ::ffff:192.168.1 08:47 0.00s 0.00s 0.01s /usr/libexec/cockpit-s

Lesson 05 Connecting to RHEL Server 4

 ession localhost
student pts/2 192.168.1.7 09:01 0.00s 0.10s 0.02s sshd: student [priv]
root tty6 - 09:38 8.00s 0.04s 0.04s -bash

5.6 su -
prompt for password of the target user.

5.7 sudo
prompt for password of the current user.

Authorization through

/etc/sudoers

/etc/sudoers.d/*

Do NOT edit directly, use visudo .

sudoers are in group wheel .

visudo

## Allows people in group wheel to run all commands

%wheel ALL=(ALL) ALL // 1- if you're memeber of group whe
el, you can run ALL commands, as ALL users.

## Same thing without a password

# %wheel ALL=(ALL) NOPASSWD: ALL // 2- allow to su without password,
DANGEROUS!

## Allows members of the users group to mount and unmount the

## cdrom as root
# %users ALL=/sbin/mount /mnt/cdrom, /sbin/umount /mnt/cdrom
linda ALL=/usr/sbin/useradd, /usr/bin/passwd // 4- allow (grant) lind
a, from ALL computers, and off course change password.

## Allows members of the users group to shutdown this system

# %users localhost=/sbin/shutdown -h now // 3- members of users group, on lo
calhost, are allowed (granted) to shutdown the system

## Read drop-in files from /etc/sudoers.d (the # here does not mean a comment)
#includedir /etc/sudoers.d

Lesson 05 Connecting to RHEL Server 5

 vi: G to go to the last line (Ground)

usermod -aG wheel student

$ id
uid=1000(student) gid=1000(student) groups=1000(student) context=unconfined_u:unconfin
ed_r:unconfined_t:s0-s0:c0.c1023
// must logout and login
$ id
uid=1000(student) gid=1000(student) groups=1000(student),10(wheel) context=unconfined_
u:unconfined_r:unconfined_t:s0-s0:c0.c1023

$ sudo useradd bob // add user bob

[sudo] password for student:
$ tail -n 1 /etc/passwd // verify that user bob is added
bob:x:1002:1002::/home/bob:/bin/bash

$ sudo useradd alice

[sudo] password for student:
$ sudo userdel -rf alice

5.8 ssh to Login Remotely

host key is stored in ~/.ssh/known_hosts

$ ssh -Y student@192.168.1.7
The authenticity of host '192.168.1.7 (192.168.1.7)' can't be established.
ECDSA key fingerprint is SHA256:Y4JiU6rLkCiAaPftJFVbIaDz4sgMfU675Iz7/AE3M14.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '192.168.1.7' (ECDSA) to the list of known hosts.
student@192.168.1.7's password:
Web console: https://localhost:9090/ or https://192.168.1.7:9090/

Last login: Thu Dec 9 08:42:59 2021 from 192.168.1.7

Remember cockpit

Lesson 05 Connecting to RHEL Server 6

 [student@localhost test]$ systemctl enable cockpit.socket // better to make it as r
oot
==== AUTHENTICATING FOR org.freedesktop.systemd1.manage-unit-files ====
Authentication is required to manage system service or unit files.
Authenticating as: root
Password:
==== AUTHENTICATION COMPLETE ====
Created symlink /etc/systemd/system/sockets.target.wants/cockpit.socket → /usr/lib/sys
temd/system/cockpit.socket.
==== AUTHENTICATING FOR org.freedesktop.systemd1.reload-daemon ====
Authentication is required to reload the systemd state.
Authenticating as: root
Password:
==== AUTHENTICATION COMPLETE ====

[student@localhost test]$ systemctl status cockpit.socket

● cockpit.socket - Cockpit Web Service Socket
Loaded: loaded (/usr/lib/systemd/system/cockpit.socket; enabled; vendor preset: dis
abled)
Active: inactive (dead)
Docs: man:cockpit-ws(8)
Listen: [::]:9090 (Stream)

systemctl restart cockpit.socket // must restart the cockpit

[root@localhost ~]# systemctl status cockpit.socket

● cockpit.socket - Cockpit Web Service Socket
Loaded: loaded (/usr/lib/systemd/system/cockpit.socket; enabled; vendor preset: dis
abled)
Active: active (listening) since Tue 2021-12-07 01:03:48 EST; 3s ago
Docs: man:cockpit-ws(8)
Listen: [::]:9090 (Stream)
Process: 34397 ExecStartPost=/bin/ln -snf active.motd /run/cockpit/motd (code=exite
d, status=0/SUCCESS)
Process: 34389 ExecStartPost=/usr/share/cockpit/motd/update-motd localhost (code=ex
ited, status=0/SUCCESS)
Tasks: 0 (limit: 23536)
Memory: 708.0K
CGroup: /system.slice/cockpit.socket

Dec 07 01:03:47 localhost.localdomain systemd[1]: Starting Cockpit Web Service Socket.

Dec 07 01:03:48 localhost.localdomain systemd[1]: Listening on Cockpit Web Service Soc
ket.

Before systemctl restart cockpit.socket

Lesson 05 Connecting to RHEL Server 7

 After systemctl restart cockpit.socket

Lesson 05 Connecting to RHEL Server 8